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TITLE OF THE INVENTION 

NETWORK ACCESSIBLE APPARATUS, SECURITY METHOD USED BY THE APPARATUS, 
AND INFORMATION STORAGE MEDIUM THAT IS REPRODUCIBLE BY THE APPARATUS 

CROSS-REFERENCE TO RELATED APPLICATIONS 

[0 001] This application claims the priority of Korean Patent Application No. 2002-59400, filed 
on September 30, 2002, in the Korean Intellectual Property Office, the disclosure of wh.ch » 
incorporated herein in its entirety by reference. 

BACKGROUND OF THE INVENTION 

1 Field of the Invention 

[0002] ' The present invention relates to a security model that can be applied to a network 
accessible apparatus, and more particularly, to a network accessible apparatus, a security 
method used by the apparatus, and an information storage medium that is reproducible by the 
apparatus. 

2 Description of the Related Art 

[0003] ' A network accessible apparatus can read various types of content from a network. 
For example, a user may access the Internet and read the content thereof using a web browser. 
The content denotes presentable files, such as text files, image files, moving picture files, Java 
programs, script programs, and markup documents. The content may be present ,n local 
storage media, such as hard disks, or remotely, through the network. When applications such 
as the markup documents or the Java programs are interpreted and executed, contexts are 
generated. Accordingly, the contexts denote instances that are presented by analyzing and 
operating the content. 

[0004] However, in the case where the contexts are generated from the content retrieved 
from the network, the contexts should be managed carefully. When the content is retrieved from 
the network to a local device, a resulting context may detect important user informal that » 
stored in the local device, and choose to transfer the user information to the server of the 
network or destroy the information. In other words, because a reliability of the content cannot 
be secured, a novel security method is necessary. 



1 



1293.1956 



SUMMARY OF THE INVENTION 

[0005] The present invention provides a network accessible apparatus, a secunty method 
used by the apparatus, and an information storage medium that is reproducible by the. 
apparatus to enhance security against content that is read from a network. 
[0006] According to an aspect of the present invention, there is provided a security method, 
which is applicable to a network accessible apparatus, the security method including: identify 
whether a command is a reliable request or an unreliabia request, wherein a context issues the 
command to read a content; reading the content and generating a reliable context _ 
corresponding to the content when the command is the reliable request; and read,ng the extent 
and generating an unreliable context corresponding to the content when the command ,s the 
unreliable request. 

.0007] The present invention also provides a security method, which is applicable to a 
network accessible apparatus, the security method including: identifying whether a context ,s a 
reliable context or an unreliable context, wherein the context issues a command to perform a 
specie operafion; determining that me specfc operation is not permitted when the context . 
an unreliable context; and not performing the specific operation and outputting an error 
message when the specific operation is no. permitted. In the method, the issuing of the 
command may include identifying a reliability of the context based on a flag of a ™™^* 
which the context that issues the command is loaded. The no. performmg the sp.C c opera.cn 
may include no. performing a preload when the context commands to preload a markup 
document to secure seamless reproduction of AV data and outputting the error message. The 
no. performing the specific operation may include no. performing a delefion woen the context 
commands to delete data that is preloaded in a memory of the network accessible apparatus 
and outputting the error message. The not performing the specific operation may include no. 
performing access when the context commands to access data that is recorded on a d,s 
mounted in the network accessible apparatus and outputting the error message. The not 
performing the specific operation may include not performing access when the context 
commands to access another frame through the no. performing the specific operation a fram 
and outputting the error message. The no. performing the speeffic operation may incfude not 
performing access when the context commands to access cookies that are stored in the 
network accessible apparatus by another context and outputting the error message. The not 
performing the specific operation may include not performing access when the context 
commands to acoess another context that is operated in the network accessibie apparatus and 
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outputting the error message. The not performing the specific operation may include not 
performing contro. if the context commands to control a reproducing engine, which reproduces 
AV data recorded on a disk mounted in the network accessib.e apparatus and outputtmg the 
error message. 

[00081 Another security method according to an aspect of the present invention, which is 
appiicabte to a network accassible apparatus, includes: issuing a command by a reliable context 
,o read a content; identifying whether the command is a reliable request or an unreliable request 
based on syntax of the command; and generating a reliable context corresponding to the 
content when the command Is the reliable request; and generating an unreliable context when 
the command is the unreliable request. Content corresponding to the reiiable context may be 
recorded on a disk mounted in the network accessible apparatus. The command recorded as 
an -http /r request in content corresponding to the reliable context may be determined as the 
reliable request, and the command recorded as an -httpu://' request in content corresponding to 
the reliable context may be determined as the unreliable request. 

,0009] in another aspect of the present invention, there is provided an information storage 
medium that is reproducible by a network accessible apparatus, the information storage medrum 
including an application content storing command information, wherein the command 
information is interpreted as a reliable request or an unreliable request. The command 
information may be recorded using syntax to identify whether the command is a relrable request 
or an unreliable request. According to an aspect o, the present invention, the reliable request ,s 
recorded as an -Mp*- request and the unreliable request is recorded as an "httpu;// request. 
,0010] in another aspect of the present invention, there is provided a network accessible 
apparatus including: a ,eade, ,eading a first content from a disk mounted in the apparatus; and 
a p,esen,a,ion engine teading a second content from a network, herein the presentafion 
engine generates a IM reliable context correspond^ to the first content from the drsk, and 
intents and executes the second content from the network to generate a second relrable 
context, or interprets and executes the second content from the network to generate an 
unreliable context. 

,0011] in the apparatus, the presentation engine identifies the reliability of a context that 
issues a command ,o read the second content from the network, to generate the unreliable 
context corresponding to the second content when the contexl that issues the oomman ,s he 
unreliable context, and to identify whether the command is a reliable request or an unrelrable 
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fequ es, when the context that issues the command is a retiable context, to generate th re^e 

ZZLm«** '° - -«* c °" tent when the °° mmand iS ' he re ' ia ^ d he 

Tenel an unreliable context corresponding to the second content when the command . .he 
Tn e l request The presentation engine may.examine syntax recorded in the correspond^ 

unreliable request. 

,0012, Another network accessible apparatus according to an aspect o, .he present invention 

, L a reader reading a first content from a disk mounted in the apparatus; and a 
It l^ elg a second content from a network, wherein ,e presen.a.ion engine 
reliabta context corresponding .0 .he content from .he disk, and interpret and 
"me slnd con.en. from .he network, which is reliably requested by the « 
Tntat o generate a second reiiabte context, and interpret and execu.es .he second content 
Z t n Irk, which is unreiiabiy requested by .he f,rs,,e,iab,e context , gene^n 
reliable contex. wherein when a command to perform an operation from the unrehable 

error message. 

[00131 in .he apparatus, when a command to preload a markup document .0 secure 
Im ess reproduc ion of AV data is recaivad from me unreliable context, the present* on 
„7„ does no. perform the preload and outputs the error message. When a cxoman to 
engine ' ™«n* «. is received from the unreliable 

delete data that is preloaded in a memory of the apparatus recede 
context the present engine does no. perform the deletion and ou.pu.s .he error massage. 
Wna command to access data ma. is recorded on a disk mounted In, he apparatus is 
livedTm the unreliable contex,, .he presentation engine does no. perform the acces and 

Xleerror message. .V^-^^^^r^^' 
Jived from .he unreliable contex., the presentation engine does no. perform th ess 
outputs the error message. When a command to access cookies that are stored ,n the 
ZlTb another dex, is received from me unreliable context, the presentation engine 
dl Perform the access and outputs the error message. When a command to acco 
a" her Lex. that is operatad in the apparatus is received from the unreliable ccnta^e 
n otation engine does no, perform the access and outputs ,he error message. W en he 
ZZZ co.ro, me reproducing engine, which reproduces AV data recorded on the d, 
ZZ , me appara,us is received from ,he unreliable context, ,be presentation engine does 
no, perform the control and outputs the error message. 
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Ludes- a reader reading a first content from a disk mounted in the apparatus, and a 

Tenerafes a refiaOie context corresponding to the second content ,n response to »h rel able 

nd fhe presentation engineretdeves the second content,™ the n*«* n 
lerl an unlbie context corresponding to the second content in response to 
unre«e rogues, The presentation engine may identify an W reguest as a re„ab,e 
reguest and an "httpuJr reguest as an unreliable reguest. 

,0015, Additional aspects and/or advantages of the invention wilt be set forth In part in the _ 
practice of the invention. - 

^^^^^^^ 

drawings in which: 

PIG , is a btock diagram illustrating a secuniy system in which a security method, 

/^^^^ 
aPPara n G . 3 is a block diagram —g the reproducing apparatus, according to another 

reC orded on a disk of FIG. 3, including markup documents and Java programs 

FIG. 5 is a block diagram illustrating the reproducing apparatus, according to a 

a a on thp rikk of FIG 5 including the markup documents; 
.corded on the disk o, FIG. 5, inctuding the markup documents and the Java programs, 
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FIG. 8 is a flowchart illustrating the security method, according to an aspect of the 

present invention; and 

FIG. 9 is a flowchart illustrating the security method, according to another aspect of the 

present invention. 

DETAILED DESCRIPTION OF THE INVENTION 

[00171 Reference will now be made in detail to the aspects of the present invents, 
examples of which are illustrated in the accompanying drawings, wherein like reference 
ZL refer to like elements throughout. The aspects are described below in order to expla.n 
the present invention by referring to the figures. 

[0018] FIG. 1 is a btocK diagram illustrating a seen* system in which a security method, 
according to an aspect of the present invention, is realized. 

[0019, Referring to FIG. 1, a security system includes a reproducing apparatus 1 according 
an spec, of the present invention, which is connected to a network sue* as the Internet. The 

Zdulg apparatus 1 reads and executes content that is recorded on a disk 10, an examp e 
an informal storage medium. ,n add-on, the reproducing apparatus 1 accesses a, east 

one server, 2 and 3, over the Interne, to retrieve predetermined content from the senrers 2 and 

[0020] Disk 10 includes some content that is analyzed, operated, presented and generated 
nto a context. The content ,o generate the context is referred to as an applied con.en The 
context is an instance of the applicant content. Examples of the applicant content mclude 
Java programs, script programs, and markup documents. 

[0021] The reproducing apparatus 1 identifies whether the content is a reliable content or an 
unreliable content based on a source of the content. In .he present aspect, ft. reproductng 
apparatus 1 regards .he content read from .he disk 10 as the reliable content In .he case of 
content retrieved from the network, the content reliability is identified by ana,yz,ng a command 
syntax requesting content from the network. 

[00221 When producing the application content recorded on the disk 10, a content producer 
Iso records the command syntax into the content. The command syntax can be analyzed as a 
Z le command or an unreliabie command. For exampie. when producing a content senrer as 
the markup documents, me content sewer is acoessible by „nk tags and a server **« . 
determined. Thereafter, command infomtation that commands to retrieve predetermtned 
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content from the untenable server Is recorded using the command syntax that Is analyzed into 
rlll^est T.ecommandin^ontoretrlevemeprede.rmlnedoonten.troma 

reliable server is recorded using the syntax that is analyzed into a re„able request. 

,0023, Tbe command syntax to request reliability can be determined by various methods. 

Por e ample, when the apptication content recorded on the disK 10 includes the marKup 

dime! toe reliable request tor a predetermined canton, from the netwo* Is recorded as an 

•http /f request and the unreliable request is recorded as an "httpu^ request. 

,0024] Anexamp,eo,an-h«p:/rreques.re OT dedinamarKupdoc,men,lsas,ol,ov,s. 

When toe reproducing apparatus 1 parses the fo.ow.ng * request, fhe reproduce 
apparatus 1 recognizes that the request is the reliable request. 

<a href='http://www.img.org/coolsite.htm->trust</a> 
,00251 An exampto of an "haput/f request recorded in a marxup document is as follows. 
When the reproducing apparatus 1 parses the following ' W request, toe reproducing 
apparatus 1 recognizes that the request is the unreliable request. 

<ahref=-httpu://www.img.org/coolsite.htm->untrust</a> 
,0026, When toe reliable context requests specific content using the unreliabte requeue 
1 ucing appa,a,us , retrieves and executes toe corresponding content to generate to 
nlbl LL When toe reliable context requests the specific conton, us,ng toe ,e able 
Cube reproducing apparatus , retrieves and operates toe corresponding content to 
generate the reliable context. 

,00271 The reproducing apparatus 1 performs the commands from the reliable contexts; 
ZL toe rep educing apparatus , .restricted, performs restricted commands from toe 

unreliable contexts. By restricted, perfomning the restricted commands from the unreltabie 
contexts, toe security of toe reproducing apparatus 1 can be maintained. 
,00281 The unretiable contexts cannot generate reliable contexts in toe present aspect of the 
J en. in fion. In addition, toe unreliable contexts are maintained restricted in operabons as 
o 2 First, toe unreliable context cannot perform cache con.ro, operations, such as pr load 
o dTete Pretoad and deletion wil, be described later. Second, I, .he unreliable context , one 
fraleta structure having a plurality o, frames, toe unreliable context cannot access another 
Tall Thiri the unrelial context cannot access cookies that are stored in the reproduce 
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apparatus , by another context. Fourth, the unreliable context cannot exchange data with 
another context. 

[„„ 29 , FIG. 2 it.uc.ra.es a memory structure loaded with the contexte generated by the 
reproducing apparatus. 

,0030, Referring to FIG. 2. to. contexts generated trom toe app.,ca«on content has 
corresponding context data. 

,0031, FIG. 3 is a btock diagram illustrating .he reproducing apparatus 1 of FIG. 1, according 
to another aspect of the present invention. 

,0032, Referririg to FIG. 3, toe reproduce apparatus 1 is illustrated as a player to reproduce 
ZZZ a disk 100. including a reader 11 and a presentation engine 12. The content 
recorded on the disk 100 includes some application content. 

,0033, The reader 11 reads toe application oonten.from toe disk 100 and p^destoe 
executes the application content to generate toe contexts. 

,0034, in the present aspect, markup documents are recorded on toe disk 100. The markup 
the markup images and/or the Java applets to the users. 
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,00361 FIG. 4 describes how the context is generated by interpreting and executing the 
content recorded on the disk 100 of FIG. 3. including me markup documents and the Java 
programs. 

[003T] Referring to FIG. 4, the content of the disk 100 includes markup documents A HTM. 
bZ, C.HTM. and D.HTM and a Java program D.3AR. The Java program "^Tne 
classes for fhe Java applets, image files, and sound files that are compressed into one file. 
JAR file is defined in the maitap document D.HTM as follows. 

<apple. code=Apple.C,assName archive=JarFileName width=wid.h heigh,=heigh./> 
[00 3 81 App,«ClassName denotes the steri class name of .he Java apple,, and J,F«ame 

denotes the name of the JAR file, in which the Java apple, dasses, the .mage file, and the 
denotes the name ^ ^ app|e(s execute 

sound files are compressed. Width denotes an image wiui 

and heigh, denotes a heigh, of the image on which the Java applels execute. 
,00391 The markup document A. HTM is interpreted and presented to implement a main 
aT and he ma rkup do— B.HTM, C.HTM, and D.HTM are interpreted and presente 
"piemen, sub frames. In addifion, the Java program D.JAR is interpreted and presented to 
mZl. a ^va apple, which is located in the sub frame implemented fiom the mark* 
ocumen. D HTM. In Ms case, a single context is implemented fiom the Java app e. and 

in unite o, frame unite. As described above, the contents are interpreted, executed, 
presented, and generated into contexts. 

,0040, FIG. 5 is a block diagram illus.ra.ing the reproducing apparatus of FIG. 1 , according to 
a further aspect of the present invention. 

(004H Referring ,o FIG. 5, ,he reproducing apparalus 1 includes a reader 31, a presentation 
. no 32 an AV eproducing engine 33, and a blender 34. Content recorded on a disk 300 
no des .he markup documente. .he Java programs, and AV date. The AV date ,s recorded ,n 
CdVD^I date forma.. In ,he presen. aspect, application conten. denotes .he markup 
documents and the Java programs. 

,0042, The reader 31 provides the AV date recorded on .he disk 300 .o reproducing 
engine 33 and provides Ihe markup documente and .he Java programs recorded on .he disk 
300 to the presentation engine 32. 

,0043, The presented engine 32 retrieves me content through .he reader 31 or directly 
IlLnetwor, The presen.a.ion engine 32 interprets and executes .he application contenUo 
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generate — In the presen, aspect me presentation engine ^^T" 

.ransfers the AV data to the AV reproducing engine 33. The AV reproduce engine 33 
able to reproduce the AV data and output AV images. 

■0044, The blender 34 blends and outputs the AV images and the markup images 
CUthemarkupimageswimtheAVimagesembeddedUrereinaredispiayedona 

screen of the reproducing apparatus 1 . 

,0045, A method of displaying the markup image with the embedded AV image is well know, 
"1 skilin the art. For example, PC Fhendly DVDs reproduce DVD-V,deo data and 
, T,t he AV images using HTML documents by embedding in the markup images, wh,ch 

r iZitigL ^^^^^ 

Application No. 01 3352b (da ^ and Korean 

October 20. 2001). Korean Application No. 01-65391 (dated 
Application No. 02-50524 (dated on August 26, 2002) illustrate such methods. 
,0046, FIG 6 describes how context is generated by interpreting and executing content 
recorded on the disk 300 of FIG. 5, including the markup ddcuments. 
,0047, Referring to FIG. 6. the content recorded on the disk 300 includes the AV data and a 
J H urn n, E HTM The AV data is reproduced by .he AV reproducing engine 33 to 

implement a main frame. In this case, the markup image forms the context. 

,00481 FIG 7 describes how contexts are generated by reproducing the AV data, and 

document and the Java program. 

,0040, Referring to FIG. 7. the AV data, a markup docun.nl F.HTM, and a Java program 
P A R arer iTd on the disk 300. The AV data is reproduced by the AV reproducing engine 
sTi^el. .he AV image, and the markup document F.HTM is interpreted and presented 
II the mairi frame. The Java program F.JAR is defined in the ma*up docum n, ^ 
• , ♦ thP lava aoolet that is operated in the markup image. The markup .mage 
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is interpreted, executed, and presented so that .he application content is generated as the 
contexts. 

[0050] A security method, according to an aspect of me present invention, will now be 
described based on the structure described above. 

[00511 FIG. 8 is a flowchart, Illustrating a security method, according to another aspect of the 
present invention. 

[0052, Refemng«oF,G.8,atoperaUOn80,,whenasing.econ t ex1issuesacommand^o 
ead me content from the disk 300 or the network, a, operation 802, the reproduang apparatus 
, ide n«ies whether the contexfls a reliable context. 

identffled based on the flag stored in memory 11.1. .he context ,s the * 
operation 803, .he reproducing apparatus 1 reads the content and generates ft. n b,e 
context corresponding to the content read. At operation 804, ff the context ,s the reliable 

— '«* — ' -reguestofUhecontexlisfhereliabe 
Zee, or the unreliable rogues,. The regues, reliabiLty can be Identified based on^te syntox 
o, the command informal tha, is recorded in fhe marxup document, i.e., 
reliable reguest is recorded as an 'Mp:/r regues., and the untenable request ,s recorded as an 
tp e uest. in the case o, the reliable reguest, a, operation 805, the reproducing apparatus 
, reads the content and generates .he reliable confex. corresponding to the content. In me 
case o, .he unreliable reguest, a. operation 806, .he reproducing apparatus 1 reads the content 
• and generates the unreliable context corresponding to the content. 

[0053] FIG. 9 is a flowchart, illustrating the security method according to still another 
embodiment of the present invention. 

[0054] Referring to FIG. 9, a, operation 901 , when the context commands to operate a 
redetermined operation, ..operation 902, the reproducing apparatus 

identified based on the flag recorded in memory 11. Iflhe context ,s . e reliab, «M « 
operation 903, .he reproducing apparatus 1 executes the command. If the context s the 
un ble con ex.. a, operate 904, ft. reprodudng apparatus identifles whether .he command 
Z TS or no Th restrict range o, ,he command operation from the unreliable context 
p Ilrmined in .he reprodudng apparatus 1 . When the operation is permitted, a, operabon 
^producing apparatus 1 performs the corresponding operation. When the operafon ,s 
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operation and outputs an error message. 

[0055] Examples of operation 906 are as follows. 

,he preload and outputt the error message. The preload opera , on d 

apparatus 1 does not delete the data and outputs the error message Th p 
and Reproducing Method Thereof filed on September 19, 2002. 
the data and outputs the error message. 

I0 „ M1 Third when the unreliable oontextis one frame of the plurality offrames as shown ,n 

and the unretiahle context commands to access anofher frame, the reproduce 
apparatus 1 does no. access the frame and outputs the error message. 

cookies and outputs the error message. 

rao6 „, Fifth . me unreliable context commands to access another context exacted ,, , he 
outputs the error message. 

,0061, Sixth if the unreliable context commands to control the AV reproducing engine 
,0061] Sixth. ,t . , n ^ reproduclng apparatus , of 

the error message. 
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,0062, As d«M above, a network access* appara.us. a security method used by the 
pled in a network to enhance security against contorts ^ the 

accessible apparatus. 

,00631 While this invention has been particular* shown and described with reference to 
asoeots Zof it will be understood by .hose skilled in the art that various changes ,n form and 

^^^^^^^^^^ 
defined by the appended claims. 
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